ing

Create and manage Hetzner Cloud servers. Use when creating VPS/cloud servers, managing Hetzner infrastructure, or setting up dev/remote servers. Requires…

Senior Project Manager for enterprise software, SaaS, and digital transformation projects. Specializes in portfolio management, quantitative risk analysis,…

Presentation creation, editing, and analysis. When Claude needs to work with presentations (.pptx files) for: (1) Creating new presentations, (2) Modifying or…

REST API 安全加固，涵盖身份认证、速率限制、输入验证和安全响应头。适用于生产环境 API、安全审计、纵深防御等场景。

与 Google Calendar 交互 - 列出日历、查看事件、创建/更新/删除事件以及查找空闲时间。当用户要求以下操作时使用：查看日历、安排会议、创建事件、查找可用时间、列出即将发生的事件、删除或更新日历事件，或回复会议邀请。作为完整 Google Workspace MCP server 的轻量级替代方案，支持独立的 OAuth 认证。

Navigate privacy regulations (GDPR, CCPA), review DPAs, and handle data subject requests. Use when reviewing data processing agreements, responding to data…

Comprehensive document creation, editing, and analysis with support for tracked changes, comments, formatting preservation, and text extraction. When Claude…

Dependency audit and cleanup workflow for maintaining healthy project dependencies. Use for regular maintenance, security updates, and removing unused packages.

A general skill for performing security reviews and auditing codebases for vulnerabilities. ALWAYS run this at the end of each task.

Use when a user asks to "proofread", "review and correct", "fix grammar", "improve readability while keeping my voice", and to proofread a document file and save an updated version.

MUST be used whenever fixing security issues in a Flows app, or before shipping any feature that handles credentials, user input, or external data. This skill…

Use when fixing or auditing ANY accessibility issue - VoiceOver, Dynamic Type, color contrast, touch targets, WCAG compliance, App Store accessibility review.

Market and engage on Reddit authentically. Use when the user says "Reddit marketing", "Reddit strategy", "promote on Reddit", "Reddit post", "subreddit…

Build Slack apps using the Bolt framework across Python, JavaScript, and Java. Covers Block Kit for rich UIs, interactive components, slash commands, event…

MUST be used whenever fixing correctness and error handling issues in a Flows app. This skill finds AND fixes bugs, missing error states, unhandled rejections,…

当需要使用 gh CLI 处理 GitHub 开放 Pull Request 上的审查或 issue 评论时。

Master smart contract security with auditing, vulnerability detection, and incident response

Review Next.js security audit patterns for App Router and Server Actions. Use for auditing NEXT_PUBLIC_* exposure, Server Action auth, and middleware matchers. Use proactively when reviewing Next.js apps. Examples: - user: "Scan Next.js env vars" → find leaked secrets with NEXT_PUBLIC_ prefix - user: "Audit Server Actions" → check for missing auth and input validation - user: "Review Next.js middleware" → verify matcher coverage for protected routes - user: "Check Next.js API routes" → verify auth in app/api and pages/api - user: "Secure Next.js headers" → audit next.config.js for security headers

Deep architectural audit focused on finding dead code, duplicated functionality, architectural anti-patterns, type confusion, and code smells. Use when user…

Optimize web performance for faster loading and better user experience. Use when asked to "speed up my site", "optimize performance", "reduce load time", "fix…